Marro Privacy Policy

❓ What is this notice all about?

We want to be completely transparent about how we collect and use your personal data and this privacy notice exists to tell you exactly how we do this.

This notice applies wherever we decide why and how we process personal data (and therefore act as a Data Controller under data protection law). It covers the personal data we process when you use our services.

Our privacy notice tells you the journey of your personal data from the moment it enters our systems up until it's time for us to say "goodbye 👋*"*, as well as the various stops it makes along the way.




📮 Our contact details

Email: meow@marro.com




👇 The different ways we process personal data

  • When you add your pet’s information on our website

    • 🗂️ What personal data do we collect, why do we collect it, and what legal basis do we rely on?
        💡 Personal data is anything that can identify an individual, either on its own or through combining it with other factors that could eventually identify an individual.

       When you add your pet’s information on our website to order something, we will collect your name, email address, place of dwelling, postcode and your pets information and will rely on Article 6(1)(b) of the GDPR - Contractual Obligation and Article 6(1)f of the GDPR - Legitimate Interests for this processing. We are using a few cloud systems to help us manage our interactions with you. We rely on Article 6(1)(b) of the GDPR - Contractual Obligation and Article 6(1)(f) of the GDPR - Legitimate Interests for the sharing of data with these systems and our business relationships with them are governed by written agreements.

    • 🗺️ Where do we store it?

       Your data will be stored on a few systems, such as:

      • Fivetran - our data integration platform, so that we can standardise the data we hold about you and control the recipients that receive it. Fivetran is based in the USA and you can find out more about them here.

      • Salesforce (Heroku) - for the purposes of hosting marro.com on the web. Salesforce is based in the USA and you can find out more about them here.

      • Amazon Web Services - for the purposes of hosting marro.com on the web and making data available for analysis. Amazon Web Services have servers in the EEA and the USA, and you can find out more about them here.

      • Segment.io - our data integration platform, so that we can standardise the data we hold about you and control the recipients that receive it. Segment.io is based in the USA and you can find out more about them here.

      • Iterable - which provides our e-marketing platform, so that we can send you unsolicited marketing communications in accordance with your preferences. Iterable has servers in the UK, EEA and is based in the USA. You can find out more about them here.

      • Facebook - in order to show you targeted adverts through your Facebook account in accordance with your advertising and tracking preferences. Facebook has servers in Ireland and is based in the USA. You can find out more about them here.

      • Reddit - in order to show you targeted adverts through your Reddit account in accordance with your advertising and tracking preferences. Reddit is based in the USA and you can find out more about them here.

      • TikTok - in order to show you targeted adverts through your TikTok account in accordance with your advertising and tracking preferences. TikTok has servers in the UK and Ireland and you can find out more about them here.

    • ⏲️ How long do we keep it for?
       We keep the personal data mentioned for 12 months in line with statutory retention periods.

  • When you sign up to our service

    • 🗂️ What personal data do we collect, why do we collect it, and what legal basis do we rely on?
        💡 Personal data is anything that can identify an individual, either on its own or through combining it with other factors that could eventually identify an individual.

       When you sign up to our service we will collect your name, email address, place of dwelling, financial information and any other details required to manage our service to you and will rely on Article 6(1)(b) of the GDPR - Contractual Obligation and Article 6(1)(f) of the GDPR - Legitimate Interests for this processing. We are using a few cloud systems to help us manage our service to you. We rely on Article 6(1)(b) of the GDPR - Contractual Obligation and Article 6(1)(f) of the GDPR - Legitimate Interests for the sharing of data with these systems and our business relationships with them are governed by written agreements.

    • 🗺️ Where do we store it?
       Your data will be stored on a few systems, such as:

      • Bond Freeze - our third party logistics provider, for the purposes of fulfilling your order. Bond Freeze are based in Ireland and you can find out more about them here.

      • Seidor UK - our third-party enterprise resource planning provider, for the purposes of fulfilling your order. Seidor UK are based in the UK and you can find out more about them here.

      • Scurri - for the purposes of managing and optimising connects and optimises shipping and delivery. Scurri are based in Ireland and you can find out more about them here.

      • DPD - for the purposes of shipping your order to you. DPD are based in the UK and you can find out more about them here.

      • Interlink - for the purposes of shipping your order to you. Interlink are based in Ireland and you can find out more about them here.

      • Yodel - for the purposes of shipping your order to you. Yodel are based in the UK and you can find out more about them here.

      • Fivetran - our data integration platform, so that we can standardise the data we hold about you and control the recipients that receive it. Fivetran is based in the USA and you can find out more about them here.

      • Salesforce (Heroku) - for the purposes of hosting marro.com on the web. Salesforce is based in the USA and you can find out more about them here.

      • Amazon Web Services - for the purposes of hosting marro.com on the web and making data available for analysis. Amazon Web Services have servers in the EEA and the USA, and you can find out more about them here.

      • Segment.io - our data integration platform, so that we can standardise the data we hold about you and control the recipients that receive it. Segment.io is based in the USA and you can find out more about them here.

      • Iterable - which provides our e-marketing platform, so that we can send you unsolicited marketing communications in accordance with your preferences. Iterable has servers in the UK, EEA and is based in the USA. You can find out more about them here.

      • Twillo - an SMS service, so that we can send you a reminder that your delivery is coming. Twillo is based in the USA and you can find out more about them here.

      • LeadsBridge - in order to improve the efficiency of targeted adverts through Facebook Ads, and track and measure offline data, in accordance with your advertising and tracking preferences. LeadsBridge are based in the USA and you can find out more about them here.

      • Stripe - which processes payments you send to us and conducts fraud prevention and diligence checks to ensure the security and lawfulness of transactions carried out through our Service. Stripe is based in the UK/EEA and the USA, and you can find out more about them here.

      • PayPal - which processes payments you send to us and conducts fraud prevention and diligence checks to ensure the security and lawfulness of transactions carried out through our Service. Paypal is based in the EEA and the USA and you can find out more about them here.

      • Touchnote - the provider of personalised greetings cards, in order to send you individual gifts on an infrequent basis. Touchnote are based in the UK and you can find out more about them here.

      • Amazon Digital UK - the provider of third party gifts, in order to send you individual gifts on an infrequent basis. Amazon Digital UK is based in the UK and the EU and you can find out more about them here.

      • Bloom & Wild - the provider of plants and flowers, in order to send you individual gifts on an infrequent basis. Bloom & Wild are based in the UK and you can find out more about them here.

      • Stannp - the provider of personalised greetings cards, in order to send you individual gifts on an infrequent basis. Stannp are based in the UK and you can find out more about them here.

      • Facebook - in order to show you targeted adverts through your Facebook account in accordance with your advertising and tracking preferences. Facebook has servers in Ireland and is based in the USA. You can find out more about them here.

    • ⏲️ How long do we keep it for?
       We keep the personal data mentioned for the duration of our service to you, and for 6 years after this has ended, in line with statutory retention periods.

  • When you contact our customer love team

    • 🗂️ What personal data do we collect, why do we collect it, and what legal basis do we rely on?
        💡 Personal data is anything that can identify an individual, either on its own or through combining it with other factors that could eventually identify an individual.

       When you contact us we will collect your name, email address and your comments or opinions and any other details required to manage your queries and will rely on Article 6(1)(f) of the GDPR - Legitimate Interests for this processing. We are using a few cloud systems to help us manage our partnership with you. We rely on Article 6(1)(b) of the GDPR - Contractual Obligation and Article 6(1)(f) of the GDPR - Legitimate Interests for the sharing of data with these systems and our business relationships with them is governed by written agreements.

    • 🗺️ Where do we store it?
       Your data will be stored on a few systems, such as:

      • StellaService - the provider of our customer satisfaction platform, in order to obtain satisfaction information from you. StellaService is based in the USA and you can find out more about them here.

      • Dixa - the provider of our customer service platform, in order to track and respond to customer queries and complaints. Dixa is based in the USA and you can find out more about them here.

      • Boomerang - our contact centre business partner, in order to track and respond to customer queries and complaints. Boomerang is based in the USA and you can find out more about them here.

      • Elevio - the provider of our customer help centre, in order to assist in self service customer service. Elevio is based in Australia and you can find out more about them here.

      • AgoraPulse - the provider of our customer service social media platform, in order to track and respond to customer queries and complaints within social media. AgorgaPulse are based in the EEA and USA and you can find out more about them here.

  • When you partner with us

    • 🗂️ What personal data do we collect, why do we collect it, and what legal basis do we rely on?
        💡 Personal data is anything that can identify an individual, either on its own or through combining it with other factors that could eventually identify an individual.

       When you partner with us we will collect your name, place of dwelling, financial information and any other details required to manage our contractual relationship with you and will rely on Article 6(1)(b) of the GDPR - Contractual Obligation for this processing. We are using a few cloud systems to help us manage our partnership with you. We rely on Article 6(1)(b) of the GDPR - Contractual Obligation and Article 6(1)(f) of the GDPR - Legitimate Interests for the sharing of data with these systems and our business relationships with them is governed by written agreements.

    • 🗺️ Where do we store it?
       Your data will be stored on a few systems, such as:

      • Dropbox - is a file hosting service we use. Dropbox may need to transfer data outside the UK/EEA and relies upon a variety of legal mechanisms, such as contracts with their customers and affiliates, Standard Contractual Clauses (SCCs) and the European Commission's adequacy decisions about certain countries, as applicable. You can find out more about them here.

      • Google Drive - this is our data repository and we are using their servers based in Dublin, Ireland. You can find out more about them here.

      • Notion - which is another tool we use to manage our business relationship with you. Notion is a tool based in the US and you can find out more about them here.

      • Iterable - which is a growth marketing tool that we use and you can find out more about them here.

      • Webflow - which is used to build our website. Webflow is based in the US and they rely on European Commission–approved SCCs as a legal mechanism for data transfers to the U.S. You can find out more about them here.

    • ⏲️ How long do we keep it for?
       We keep the personal data mentioned for the duration of your partnership with us, and for 6 years after this has ended, in line with statutory retention periods.

  • When you visit our website

     The Marro website uses cookies and other similar technologies of which you should be aware.

    • 🗂️ What cookies do we collect, why do we collect them, and what legal basis do we rely on?
        💡 Cookies are text files placed on your hard drive by a web page server when you visit a website and are saved in your browser's history. They allow the website to recognise your device and store some information about your preferences or past actions. Cookies cannot be used to run programs or deliver viruses to your computer; they are uniquely assigned to you and can only be read by a web server in the domain that issued the cookie.

      When you use our website, the cookies can be stored on your device are either first party cookies, which are placed and read by Marro directly while you are using our website or third party cookies, which are set by other third parties we have partnered with.

      Below is a list of the cookies we use and the purposes for which they are used:

      • Essential cookies

          💡 These are essential to the operation of our website and are integral to the functioning of our Website, therefore they cannot be removed.

        These cookies allow us to save your progress when signing up, remember your dog’s details and store your login details

      • Non-essential cookies

          💡 These cookies are additional to the the performance of our Website and help us improve the service we provide to you.

         Functional cookies allow us to monitor site usage to measure and improve performance, keeping the site consistent for you

Marketing cookies allow us to serve you personalised advertisements relevant to you and your dog

 You can choose not to store Non-essential cookies on your computer when you visit our website, or you can adjust your browser settings to prevent cookies from being saved on your computer. You can find information about how to manage Cookies in the most commonly used browsers at the following addresses:




📜 What are your rights?

Your personal data is yours and you have rights in relation to it granted by the UK GDPR, which include:

  • 📮 The right to be informed

     You have the right to be informed about the collection and use of your personal data, the purposes for processing, retention periods for that personal data and who it will be shared with. We have set this information out in this privacy notice.

  • 🗝️ The right of access

     You have the right to ask us for copies of the data we hold about you. If you ask us, we’ll confirm whether we’re processing your personal information and, if so, provide you with a copy of that personal information (along with certain other details).

  • ⛔ The right to object

     You have the right to ask us to stop processing your personal information in some circumstances, such as when we are relying on our own (or someone else’s) legitimate interests to process your personal information, when we are processing your personal information for direct marketing or when we are processing your personal information for research.

  • 📝 The right to rectification

     You have the right to ask us to rectify the personal information you think is inaccurate or to complete information you think is incomplete. When you ask us to rectify your information, if we’ve shared your personal information with others, we’ll let them know about the rectification where possible.

  • 🧽 The right to erasure

     You have the right to ask us to erase your personal information, in some circumstances, such as where we no longer need it or you withdraw your consent (where applicable).

  • 🚫 The right to restrict processing

     You have the right to ask us to restrict the processing of your personal information for a period of time in some circumstances, such as where you contest the accuracy of that personal information or object to us processing it. This right is separate from the right to object and will only stop us from using your personal information further, not from processing it. If we’ve shared your personal information with others, we’ll let them know about the restriction where possible.

  • ✈️ The right to data portability

     You have the right to ask that we transfer the personal information you gave us to another organisation, or to someone else, in some circumstances.

You don't have to pay anything in order to exercise your rights. Please contact us by sending an email to meow@marro.com if you wish to make a request under your rights; we have a calendar month to get back to you with a response.




💔 How you can complain

If you have any concerns about our use of your personal information, please let us know by:

 💡 Emailing us at meow@marro.com , or calling us at 02071235808

 💡 Writing to us at West Works, 195 Wood Ln, London W12 7FQ

If you are not satisfied with our response or you are unhappy with how we have used your data, you can complain to the Information Commissioner's Office (ICO). You can find the ICO contact details below:

 💡 ICO Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, Helpline number: 0303 123 1113.

 💡 ICO Website: https://www.ico.org.uk